Encryption key rekeying apparatus and method

ABSTRACT

When a roaming communication unit ( 15 ) requires an updated encryption key to ensure continued secure communications with other communication units of its home system, it transmits a rekey request to a base site ( 16 ) for the system ( 14 ) in which it has a presence. The latter provides the rekey request to a key management facility ( 17 ) for that system. This key management facility, in turn, provides the rekey request to the key management facility ( 13 ) for the roaming communication unit&#39;s home system ( 10 ). The latter then forwards a rekeying message that includes a rekeying encryption key to the roaming communication unit ( 15 ) with the second system&#39;s key management facility ( 17 ) acting as an intermediary. In a preferred embodiment, the rekey message is encrypted using an encryption key that is presently available to the roaming communication unit but not to the second system&#39;s key management facility. Therefore, although the latter acts as an intermediary to facilitate the rekeying process, the latter is not able to decrypt the rekeying message and thereby gain access to the encryption key or keys of the roaming communication unit&#39;s home system.

TECHNICAL FIELD

This invention relates generally to encrypted communications and moreparticularly to wireless over-the-air rekeying.

BACKGROUND

Encryption methodologies of various kinds are well known in the art. Ingeneral, the contents of a so-called plain-text message (which maycomprise, for example, an alphanumeric message, digitized voice orvocoded voice, and so forth) are encoded pursuant to an encryptionalgorithm as a function of one or more encryption keys. Ideally, theresultant data stream will appear, for all intents and purposes, as arandom string of data elements (such as alphabetic characters or binaryones and zeros) notwithstanding the underlying pattern of the originalinformational content itself Encryption techniques are often employed toprotect wireless communications from unauthorized monitoring andeavesdropping.

Maintaining the security of an encrypted communication system usuallyrequires ongoing care and careful observation of specific procedures.For example, the encryption key(s) itself must be well protected as theencryption algorithm utilized by a given system will itself often beknown or ascertainable. As part of ensuring such security, theencryption key or keys for a given system will often be changed fromtime to time. There are various ways to facilitate this activity, butgenerally speaking, system operators prefer to arrange for a new key tobe provided to the communication units of a given system on an as-neededbasis (or shortly before such anticipated need). When a system operatorhas direct physical access to a given communication unit a newencryption key can be installed with a relatively high assurance ofsecurity as the operator can chose a physical location and thecircumstances attending such installation.

It is not always convenient or even possible, however, for all of thewireless communication units in a given system to be brought, more orless simultaneously, to a common location to permit the physicalinstallation of a new encryption key. As a result, the logisticchallenge of installing a new encryption key over a wide number ofgeographically distributed communication units can be challenging enoughto discourage some operators from varying their encryption keys in asufficiently aggressive manner to comport with generally recommendedsecurity protocols.

One solution has been to provide a wireless transmission to suchwireless communications units that includes the new encryption key. Toprotect that new encryption key, the rekeying message, including the newencryption key, is often encrypted through use of another encryptionkey. In a relatively closed system, this approach tends to constitute asatisfactory solution. The key management facility of a given wirelesscommunication system can readily accommodate the necessary process toeffect the installation of new encryption keys while using anotherencryption key with an acceptable level of security.

Many modern communication units, encrypted and otherwise, are capable ofextra-system performance, however. For example, an encryptedcommunication unit belonging to a first system can roam outside of thatfirst system and into a second system and nevertheless operatecompatibly within the second system. This compatible operation caninclude, for example, both encrypted and clear communications with otherunits that also belong to the first system. When the home systemswitches its encryption key, however, this switch must be accomplishedfor roaming communication units as well as for more locally positionedunits. Otherwise, the roaming units will no longer be able tocommunicate in an encrypted mode compatibly with other system users.

To meet this need, the prior art provides for a communication linkbetween the key management facilities of differing systems. Soconfigured, a roaming communication unit can communicate with the keymanagement facility of a non-home system and request, for example, arekeying event. That key management facility then contacts the home keymanagement facility for that communication unit and receives therekeying information. The rekeying information will be encrypted withthe second encryption key in accord with prior practice. To make use ofthat information, however, the non-home system key management facilitymust be provided with the second encryption key (because the non-homesystem key management facility must have clear access to the newencryption key in order to facilitate rekeying the roaming communicationunit). This means that the non-home system key management facilitytherefore will have access to the other system's encryption key itself.

For many applications this is acceptable. For other applications,however, this presents an unacceptable breach of security. Non-systemaccess to one's encryption key permits a variety of unauthorized andundesired activities, including but not limited to eavesdropping,inappropriate programming of the communication units themselves, and soforth. Notwithstanding this attendant risk of compromised security,however, the above-described process, whereby an intervening keymanagement facility has knowing access to the encryption key of anothersystem in order to thereby effect the proper and timely rekeying of aroaming communication unit, essentially represents a typical and presentbest available rekeying process.

BRIEF DESCRIPTION OF THE DRAWINGS

The above needs are at least partially met through provision of theencryption key rekeying apparatus and method described in the followingdetailed description, particularly when studied in conjunction with thedrawings, wherein:

FIG. 1 comprises a block diagram of two communication systems asconfigured in accordance with an embodiment of the invention;

FIG. 2 comprises a block diagram of a portion of a key managementfacility as configured in accordance with an embodiment of theinvention;

FIG. 3 comprises a flow diagram as configured in accordance with variousembodiments of the invention; and

FIG. 4 comprises a signaling diagram as configured in accordance withvarious embodiments of the invention.

Skilled artisans will appreciate that elements in the figures areillustrated for simplicity and clarity and have not necessarily beendrawn to scale. For example, the dimensions of some of the elements inthe figures may be exaggerated relative to other elements to help toimprove understanding of various embodiments of the present invention.Also, common but well-understood elements that are useful or necessaryin a commercially feasible embodiment are typically not depicted inorder to facilitate a less obstructed view of these various embodimentsof the present invention.

DETAILED DESCRIPTION

Generally speaking, pursuant to these various embodiments, a rekeyingevent for a roaming communication unit can be supported with the aid ofa non-home key management facility but without disclosing to thatnon-home key management facility either the new encryption key or theencryption key used to encyrpt the new encryption key during therekeying process.

In a preferred approach, a key management facility essentially effectsrekeying in substantially the same manner regardless of whether therekeying target communication unit is a roaming unit or a non-roamingunit. Upon receiving an encryption key rekeying request from anon-roaming communication unit, the facility communicates a rekeyingmessage that includes a rekeying encyryption key, wherein at least aportion of the rekeying encryption key is encrypted using an encryptionscheme that is decypherable by the non-roaming communication unit. In asimilar fashion, upon receiving an encryption key rekeying request froma roaming communication unit, the facility communicates a rekeyingmessage that again includes a rekeying encryption key, wherein again atleast a portion of the rekeying encryption key is encrypted as afunction of an encryption scheme that is decypherable by the roamingcommunication unit.

So configured, the roaming communication unit will essentially receivethe same rekeying message as a non-roaming communication unit albeitthrough the auspices of a non-home system key management facility.Although the latter receives the rekeying message from the home systemkey management facility, the non-home system key management facilityneither has nor needs the encryption key that the home system keymanagement facility employs to encrypt the rekeying encryption key. As aresult, the encryption keys of the home system remain securenotwithstanding their passage through the non-home system to effectrekeying of the roaming unit.

Though counterintuitive to the architectural premise that underlies theconfiguration and deployment of the key management facilities, thisapproach nevertheless holds considerable promise for compatible,effective, and secure rekeying of remotely located communication units.

The rekeying message itself can comprise a single message or a pluralityof messages as desired and/or as appropriate to the needs of a givensystem or protocol.

Referring now to the drawings, and in particular to FIG. 1, a firstcommunication system 10 will typically include at least a first systembase site 11 that supports wireless communications with one or(typically) more non-roaming communication units 12 that operate withinthe coverage range of the first system base site 11. (Those skilled inthe art will recognize that, in a typical installation, a system such asthis will more likely include a considerably greater number of basesites to permit expanded geographic coverage and/or expanded trafficcapacity. Only one such base site is illustrated here for the purpose offostering clarity.) The communication services that this first system 10supports can be many and can be varied (including, for example, bothvoice services and various kinds of bearer data services). The teachingsset forth herein are compatible with such variations and will likelyremain so as hereafter developed services are proposed or broughton-line. Such a system can also use whatever resource allocation and/ormodulation and signaling protocol may be appropriate or desired to suitthe needs of a given application. In general, such system elements arewell understood in the art and therefore will not be elaborated on herein greater detail. In a preferred embodiment this wireless communicationsystem will support wireless encrypted communications amongst authorizednon-roaming and roaming communication units using at least one activehome system encryption key as noted below.

Encryption keys as utilized by the non-roaming communication unit 12 arecontrolled by a first key management facility 13 such as a keymanagement facility as is known and understood in the art. Such afacility 13 operably couples to the first system base site 11 to effect,for example, rekeying of communication units. (Such rekeying can beoccasioned in response to a variety of stimuli, including but notlimited to specific requests from communication units or pre-programmedrekeying actions that are triggered by specific events or the attainmentof a predetermined point in time.) To this end, the first key managementfacility 13 will typically have one or more home system encryption keys.For purposes of this description, we presume that the first keymanagement facility 13 presently uses home system encryption key A. Thismeans that encrypted communications within the first system 10 areencrypted as a function of encryption key A.

With momentary reference to FIG. 2, the first key management facility 13will preferably include a rekeying request processor 21, a rekeyencryption key 22, a rekeying encryption key selector 23, and a homesystem encryption key or keys 24. Such functionality can be providedthrough a combination of discrete platforms or through use of anintegral, likely programmable platform. Such architectural choices arewell understood in the art.

The rekeying encryption key selector has a rekeying home systemencryption key output and serves, at least in part, to select a newactive home system encryption key (as a function, for example, of atemporal schedule). The selector 23 may select a new encryption key bygenerating it upon demand or, as shown, by selecting one of manycandidate encryption keys 24. The rekeying request processor 21 thenserves, at least in part, to encrypt the new encryption key as selectedby the encryption key selector 23 using another encryption key 22. (Itwill be understood that this second encryption key 22 can be essentiallyfixed for a given system or can be varied in response to the passage ortime or the attainment or detection of other milestone events ortriggers. It is also possible that this second encryption key 22 can bethe same as the home system encryption key if that approach isconsidered sufficiently secure for a given application.) The rekeyingrequest processor 21 provides substantially the same rekeying homesystem encryption key output, in substantially the same format, inresponse to a rekeying request from both a non-roaming and a roamingauthorized communication unit. This is achieved, in part, by encryptingthe rekeying information to be transmitted to either the roaming or thenon-roaming communication unit using an encryption key that is likelypossessed by a receiving authorized roaming or non-roaming communicationunit. Furthermore, in a preferred embodiment, this rekeying informationwill be encrypted using an encryption key that is likely not possessedby an intermediary communication system node (such as, but not limitedto, an intermediary other-system key management facility).

Referring again to FIG. 1, as mentioned above, first systemcommunication units can roam away from the first system 10. For example,as illustrated, a roaming communication unit 15 can move to a secondsystem 14 having a second system base site 16. The roaming communicationunit 15 can communicate with non-roaming communication units 12 via thesecond system base site 16 and an appropriate link 18 that couples thelatter to the first system 10 and ultimately to the first system basesite 11. When both communication units 15 and 12 have compatibleencryption keys these communications can be encrypted.

In this exemplary embodiment the second system 14 has a second keymanagement facility 13. So configured, the latter can administer thedistribution and subsequent usage of a second system home systemencryption key (which encryption key will typically be different fromthe encryption key used by the first system 10 and unknown to the latteras well). Pursuant to a preferred approach, the second key managementfacility 17 has a communication link 19 to the first key managementfacility 13 of the first system 10. As shown, this communication link 19can comprise a dedicated link such as a landline. Other approaches canbe used as well, however, including but not limited to a shared intranetor extranet (including, for example, the Internet) link. This link maybe fully wireline, wireless, or a combination of both as may suit theneeds and requirements of a given application. So configured, the secondkey management facility 17 can serve as an intermediary communicationsystem node to effect rekeying of the roaming communication unit 15 bythe first key management facility 13.

To illustrate, and referring now to FIG. 3, the first key managementfacility 13, upon receiving 31 a rekey request from a non-roamingcommunication unit, can communicate 32 a rekeying message to thenon-roaming communication unit that includes a rekeying encryption keywherein at least a portion of the rekeying encryption key is encryptedusing an encryption scheme that is decypherable by the non-roamingcommunication unit. The wireless facilities of the first system 10 arepreferably employed to effect this communication. Optionally, the keymanagement facility will receive 33 an acknowledgement from thenon-roaming communication unit to confirm receipt of the rekeyingmessage and/or successful rekeying.

In a similar fashion, this same key management facility 13 can receive34 a rekey request from a roaming communication unit. In a preferredembodiment an intermediary communication system serves to forward thisrekey request from the roaming communication unit to the key managementfacility 13. In particular, the key management facility 17 for thesystem into which the roaming communication unit has roamed canpreferably serve this intermediary function. The home system keymanagement facility 13 can then communicate 35 a rekey message to theroaming communication unit through that same intermediary facility.

This rekey message will preferably include a rekeying encryption key tobe subsequently used by the roaming communication unit (eitherimmediately or at a scheduled or otherwise triggered future time). In apreferred embodiment, this rekeying encryption key will itself have atleast a portion thereof encrypted as a function of an encryption schemethat is decipherable by the roaming communication unit; that is, theroaming communication unit does not require an intermediary platform todecrypt the rekeying message as the roaming communication unit has thepre-existing wherewithal to permit such decryption (in particular, theroaming communication unit has the necessary encryption key or keys topermit decryption of the rekeying message). So configured, theintermediary platform, while necessary to permit the forwarding of therekeying message to the roaming communication unit, does not itself needto decrypt the rekey message in order to facilitate the rekeying of theroaming communication unit. This, in turn, permits maintaining theencrypted nature of the rekeying encryption key with respect to theintermediary facility in direct contravention of prior art practice andthereby better assuring the confidential nature of the rekeyingencryption key.

The rekeying message can comprise a single message or can be parsed overa plurality of discrete messages as desired. For example, the completerekeying message can include communicating a first rekeying message tothe roaming communication unit and then providing a second rekeyingmessage to the roaming communication unit (in response, for example, toreceipt of an acknowledgement message from the roaming communicationunit in response to receiving the first rekeying message).

So configured, it can be seen that the roaming communication unit canutilize its existing home system encryption key (or some otherencryption key as may be specifically utilized for the encryption ofrekeying encryption keys) to decrypt the rekeying encryption key uponreceipt. There is no specific need for a unique roaming encryption keynor for any encryption keys of the second system to be brought intousage.

Upon successfully receiving the rekeying message, if desired, theroaming communication unit can transmit a corresponding acknowledgementmessage that is then received 36 by the first key management facility13. Of course, if such an acknowledgement is expected and not received,the key management facility can pursue such other course of action asmay be desired or appropriate. For example, the key management facilitycan automatically retransmit the rekeying message. As another example,the key management facility can wait for a new rekeying request from theroaming communication unit prior to taking any subsequent action.

The overall flow of these various processes may be better understoodupon reference to FIG. 4.

A non-roaming communication unit can begin the rekeying process bytransmitting a rekey request 40 to the first system base site. The firstsystem base site then forwards 41 that rekey request to the first keymanagement facility. The latter responds with a rekey message 42 thatincludes an encrypted rekey encryption key to the base site which thenforwards 43 that rekey message to the non-roaming communication unit.Upon successfully receiving and/or effecting the rekey event, the lattercan then transmit an acknowledgement message 44 to the first system basesite. The latter will then forward 45 that acknowledgement to the firstkey management facility to complete the process.

Though effected through an intermediary key management facility, muchthe same process serves to facilitate the rekeying of a roamingcommunication unit. The roaming communication unit transmits a rekeyrequest 46 to the second system base site which then transfers 47 thatrekey request to the second system key management facility.

The latter determines the address of the destination for this rekeyrequest. For example, the second system key management facility may beable to identify the first key management facility by referring to aspecific address or other identity or alias as may be included in therekey request itself As another example, the second system keymanagement facility may have access to a look-up table or other presenceor home register database or server that can be used to correlateinformation from the roaming communication unit (such as itsself-identifying information) with the address information for the firstkey management facility. These are only illustrative examples and itwill be understood that various other ways of providing or obtainingthis information are presently known and will no doubt be furthersupplemented with hereafter-developed methods and techniques. The secondkey management facility then forwards 48 that rekey request to the firstkey management facility.

As with a non-roaming communication unit, the first key managementfacility prepares a rekey message and transmits 48 that rekey messageback to the second key management facility. This rekey message willpreferably be encrypted using, for example, a home encryption key forthe first communication system. This rekey message can be comprised of asingle transmission/message or can be comprised of a plurality oftransmissions/messages as noted above. This rekey message will typicallyinclude a rekey encryption key to be provided to the roamingcommunication unit along, optionally, with other additional rekeyinginformation as may be appropriate in a given system. For example, therekey message could include information regarding when the roamingcommunication unit should begin to use the new encryption key.

The second key management facility, without decrypting this rekeyingmessage (in part because it is not necessary and in part because thesecond key management facility lacks the encryption key to facilitatethe decryption process), then forwards 50 that rekey message to thesecond system base site. The latter will then transmit 51 that encryptedrekey message to the roaming communication unit.

Following receipt of the rekey message and/or following successfullyeffecting a corresponding rekeying event, the roaming communication unittransmits an acknowledgment 52 to the second system base site, whichforwards 53 that acknowledgement to the second key management facility.The latter, as with the other messages that correspond to the rekeyactivity, then forwards 54 that acknowledgement to the first keymanagement facility.

Pursuant to these various embodiments, a roaming communication unit canremain current with respect to the encryption key or keys being used byits home system while simultaneously permitting the system to which ithas roamed to act as an intermediary for that rekeying process whileavoiding potentially compromising the security of the new encryptionkey. Unlike prior practice in this regard, the rekey process will nowproceed in a manner that is essentially transparent to the roaming unit.At the same time, although the second system's key management facilityremains unaware of the first system's encryption key (and hence remainsunaware of the exact contents of the complete rekey message), this keymanagement facility nevertheless remains functional as a rekeyingintermediary. As a further benefit, these embodiments can be readilyimplemented in a relatively cost effective manner.

Those skilled in the art will recognize that a wide variety ofmodifications, alterations, and combinations can be made with respect tothe above described embodiments without departing from the spirit andscope of the invention, and that such modifications, alterations, andcombinations are to be viewed as being within the ambit of the inventiveconcept.

1. A method comprising: at a key management facility: receiving anencryption key rekeying request from a non-roaming communication unit;communicating to the non-roaming communication unit a rekeying messagethat includes a rekeying encryption key, wherein at least a portion ofthe rekeying encryption key is encrypted using an encryption scheme thatis decypherable by the non-roaming communication unit; receiving anencryption key rekeying request from a roaming communication unit;communicating to the roaming communication unit a rekeying message thatincludes a rekeying encryption key, wherein at least a portion of therekeying encryption key is encrypted as a function of an encryptionscheme that is decypherable by the roaming communication unit.
 2. Themethod of claim 1 wherein receiving an encryption key rekeying requestfrom a roaming communication unit includes receiving an encryption keyrekeying request from a roaming wireless communication unit.
 3. Themethod of claim 1 wherein receiving an encryption key rekeying requestfrom a roaming communication unit includes receiving an encryption keyrekeying request from a roaming communication unit via at least oneintermediary communication system.
 4. The method of claim 3 whereincommunicating to the roaming communication unit a rekeying message thatincludes a rekeying encryption key, wherein at least a portion of therekeying encryption key is encrypted as a function of an encryptionscheme that is decypherable by the non-roaming communication unitincludes communicating to the roaming communication unit a rekeyingmessage that includes a rekeying encryption key, wherein at least aportion of the rekeying encryption key is encrypted as a function of anencryption scheme that is decypherable by the roaming communication unitand not readily decypherable by the at least one intermediarycommunication system.
 5. The method of claim 1 and further comprising:receiving an acknowledgement message from the roaming communication unitto indicate successful reception of the rekeying message.
 6. The methodof claim 1 wherein communicating to the roaming communication unit arekeying message includes: communicating to the roaming communicationunit a first rekeying message; receiving an acknowledgement message fromthe roaming communication unit in response to receiving the firstrekeying message; communicating to the roaming communication unit atleast a second rekeying message; wherein at least one of the first andsecond rekeying message includes the rekeying encryption key.
 7. Themethod of claim 1 wherein communicating to the roaming communicationunit a rekeying message that includes a rekeying encryption key includescommunicating to the roaming communication unit a rekeying message thatincludes a rekeying encryption key that comprises a home systemencryption key for the key management facility, such that the roamingcommunication unit is provided with a home system encryption key ascorresponds to the home communication system for the roamingcommunication unit as versus a unique roaming encryption key or anencryption key as is used by a communication system into which theroaming communication unit has roamed.
 8. A key management facilitycomprising: at least one active home system encryption key; a rekeyingencryption key selector having a rekeying home system encryption keyoutput; a rekeying request processor that is operably coupled to therekeying encryption key selector; a wireless communication interfacethat is operably coupled to the at least one active home systemencryption key and the rekeying request processor and wherein thewireless communication interface further couples to a wireless homecommunications system that supports wireless encrypted communicationsamongst authorized wireless non-roaming and roaming communication unitsusing the at least one active home system encryption key; wherein therekeying request processor provides substantially the same rekeying homesystem encryption key output, in substantially the same format, inresponse to a rekeying request from both a non-roaming and a roamingauthorized communication units.
 9. The key management facility of claim8 and further comprising a plurality of active home system encryptionkeys.
 10. The key management facility of claim 8 wherein the rekeyingencryption key selector includes rekeying means for selecting a newactive home system encryption key.
 11. The key management facility ofclaim 10 wherein the rekeying means selects the new active home systemencryption key as a function, at least in part, of a temporal schedule.12. The key management facility of claim 8 wherein the wirelesscommunication interface includes encryption means for encryptingrekeying information to be transmitted to either of a roaming and anon-roaming communication unit using an encryption key that is likelypossessed by a receiving authorized roaming and non-roamingcommunication unit but that is not likely possessed by an intermediarycommunication system node.
 13. The key management facility of claim 12wherein the intermediary communication system node includes anotherencryption management facility.
 14. A method for rekeying wirelesscommunication units that share a home key management facility,comprising: at a roaming communication unit: transmitting via a secondkey management facility a rekeying request to the home key managementfacility; at the home key management facility: receiving the rekeyingrequest; preparing a rekeying message, which rekeying message includesat least a rekeying encryption key, and which rekeying message is atleast partially encrypted using an encryption key that is possessed bythe roaming communication unit and not by the second key managementfacility; transmitting at least a portion of the rekeying message to theroaming communication unit via the second key management facility; atthe roaming communication unit: receiving the rekeying message astransmitted by the home key management facility; decrypting the rekeyingmessage using the encryption key.
 15. The method of claim 14 and furthercomprising, at the roaming communication unit, transmitting a rekeyingmessage reception acknowledgement message via a communication systemthat includes the second key management facility to the home keymanagement facility.
 16. The method of claim 15 and further comprising,at the home key management facility, receiving the rekeying messagereception acknowledgement.
 17. The method of claim 16 and furthercomprising, at the home key management facility, transmitting additionalrekeying information to the roaming communication unit via thecommunication system that includes the second key management facility.